LibreTime Radio Automation


An open source radio automation server made for (and made by) low-power FM stations and the rest of us.

View the Project on GitHub LibreTime/libretime

About LibreTime
Contribute to LibreTime

Quick Install
  -- Host Configuration
  -- Setting the Server Time
  -- Configuring Track Types
  -- Setting up SSL

Using LibreTime
Preparing Media
Scheduling Shows
Broadcasting Live
Adding Users
  -- More Tutorials

Radio Broadcasting 101
UNESCO Public Radio Guide

HD Audio Modules
Rights and Royalties
Media Folders used by LibreTime

FreeIPA configuration

You can configure LibreTime to delegate all authentication to a FreeIPA server.

This allows you users to use their existing FreeIPA credentials. For this to work you need to configure Apache to use mod_authnz_pam and mod_intercept_form_submit.

Apache configuration

After installing the needed modules you can set up Apache to intercept form logins and check them against pam.

<Location /login>
    InterceptFormPAMService http-libretime
    InterceptFormLogin username
    InterceptFormPassword password
    InterceptFormLoginSkip admin
    InterceptFormPasswordRedact on
    InterceptFormLoginRealms INT.RABE.CH
    Require pam-account http-libretime

<Location />
           Require pam-account http-libretime
           Require all granted
           Require expr %{REQUEST_URI} =~  /(index.php|login|favicon.ico|js|css|locale)/
           Require all granted

PAM configuration

The above configuration expects a PAM configuration for the http-libretime service.

To confiure this you need to create the file /etc/pam.d/http-libretime with the following contents.

auth    required
account required

LDAP configuration

LibreTime needs direct access to LDAP so it can fetch additional information. It does so with a system account that you need to set up beforehand.

You can configure everything pertaining to how LibreTime accesses LDAP in /etc/airtime/airtime.conf. The default file has the following values you need to change.

# ----------------------------------------------------------------------
#                          L D A P
# ----------------------------------------------------------------------
# hostname:       Hostname of LDAP server
# binddn:         Complete DN of user used to bind to LDAP
# password:       Password for binddn user
# account_domain: Domain part of username
# basedn:         base search DN
# filter_field:   Name of the uid field for searching
#                 Usually uid, may be cn
# groupmap_*:     Map LibreTime user types to LDAP groups
#                 Lets LibreTime assign user types based on the
#                 group a given user is in.
hostname =
binddn = 'uid=libretime,cn=sysaccounts,cn=etc,dc=int,dc=example,dc=org'
password = hackme
account_domain = INT.EXAMPLE.ORG
basedn = 'cn=users,cn=accounts,dc=int,dc=example,dc=org'
filter_field = uid
groupmap_guest = 'cn=guest,cn=groups,cn=accounts,dc=int,dc=example,dc=org'
groupmap_host = 'cn=host,cn=groups,cn=accounts,dc=int,dc=example,dc=org'
groupmap_program_manager = 'cn=program_manager,cn=groups,cn=accounts,dc=int,dc=example,dc=org'
groupmap_admin = 'cn=admins,cn=groups,cn=accounts,dc=int,dc=example,dc=org'
groupmap_superadmin = 'cn=superadmin,cn=groups,cn=accounts,dc=int,dc=example,dc=org'

Enable FreeIPA auth

After everything is set up properly you can enable FreeIPA auth in airtime.conf:

auth = LibreTime_Auth_Adaptor_FreeIpa

You should now be able to use your FreeIPA credentials to log in to LibreTime.